![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 7.000000000000001%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELV%3C/text%3E%3C/svg%3E)
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,389 questions
Hello @Lê Vũ Thùy Dương
Every Azure VPN gateway consists of two instances in an active-standby configuration. For any planned maintenance or unplanned disruption that happens to the active instance, the standby instance would take over (failover) automatically, and resume the S2S VPN connection.
To provide better availability for your cross premises connections you can create an Azure VPN gateway in an active-active configuration, where both instances of the gateway VMs will establish S2S VPN tunnels to your on-premises VPN device, as shown the following diagram:
In this configuration, each Azure gateway instance will have a unique public IP address, and each will establish an IPsec/IKE S2S VPN tunnel to your on-premises VPN device specified in your local network gateway and connection.
Azure VPN Gateway support multiple tunnels between a VNet and an on-premises site with automatic failover based on BGP
This capability provides multiple tunnels (paths) between the two networks in an active-active configuration.
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable
https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-bgp-overview